"Secure", as in secure programs - No single definition; never 100% secure
"The Cloud" - "Someone Else's Computer"
"Upstream Early and Often" - Popular open source motto regarding code changes
Access Control List - Each object has a list of right per object or user; inverse of a file directory
A...
MSIS 4123 Exam 2
"Secure", as in secure programs - No single definition; never 100% secure
"The Cloud" - "Someone Else's Computer"
"Upstream Early and Often" - Popular open source motto regarding code changes
Access Control List - Each object has a list of rights per object or user; inverse of a file directory
Active fault detection - Programs should watch for errors; redundant (duplicate) systems should take the place of failed systems if possible
Apache License 2.0 - Can be applied to both copyrights and patents
Appropriate Confidence Level in Trusted Software - Trust matches the sensitivity of the environment and the data
ASCII - American Standard Code for Information Interchange. A standard for representing binary values as human-interpreted characters; a code sheet
Assembly language - One step up from machine code; uses words like "push" and "pop" and "add"
Assurance (Trusted Systems) - Our belief that the O/S is implemented in a way that enforces the security policy
Audit Logs - Track actions in computer; who did what, when
Base Register - Variable fence register that sets the lower bound (lower memory location)
Bell-LaPadula Model - Simple Security Property (no read up); *-Property (no write down); all about confidentiality
Biba Model - Simple Integrity Rule (no read down); Integrity *-Property (no write up); all about the integrity of the data
Biometrics - Authentication that relies on physical characteristics of user
BIOS - The first set of instructions run by a computer; stored in ROM
Black Box Testing - Trying to break a program without looking at the code
Bounds Register - Variable fence register that sets the upper memory location
Brain Virus - Early prototype virus; boot sector virus
Brute Force Attack - Trying every possible password combination
BSD License - Fewer restrictions than GPL; New BSD restricts use of contributor names for endorsement of a derived work
Buffer Overflow - Committing more data to memory than has been allotted; this pushes data into other memory regions, can allow improper access
Change Control - Senior group that reviews and decides on major software changes
Chinese Wall Security Policy - Confidentiality; working on X bars you from seeing Y; law firm example
Clark-Wilson Commercial Security Policy - Integrity and Confidentiality; well-formed transactions; separation of duty
Clear Box Testing - Trying to break a program while having the advantage of also seeing the code
Code Red - Very bad virus; exploited IIS; used buffer overflow; different actions on different days
Cohesion - We want high cohesion; all code in a module relates to that module
Commercial Security Policies - No formal clearances; poor regulation of rules; internal data vs everything else
Common Criteria - US/Canadian rewrite of the DoD Orange Book; 1992
Compiled code - All the code is turned into machine code at once; an .exe file is compiled code
Complete Mediation - Every access attempt is checked
Concurrency Management - Ensuring that many people can change data at the same time but in some sane order
Contributor (Open Source Software) - Someone who has made new code or code changes that are accepted into the original source code
Counting in binary - Number right to left starting with 1 and doubling to 256. Add all the numbers over a "1" in binary